Shadow IT Personified

An imaginary yet realistic scenario of how cloud security is compromised every day

Imagine walking through the front door of your office. On your left, a robot looks like it is trying to crack a lock on a file cabinet. You say hello to the new hire who already knows the answer to all your website security questions. She’s walking towards you carrying a large stack of folders labelled “Confidential” in big red letters. You hold the door open for her. Everyone is carrying on like nothing is unusual.

Sound a little crazy? That’s because it is, and these things happen every day with your not-so-visible digital operations.

What does Shadow IT look like?

Thousands of digital operations take place on any given work day. For the most part, these activities go unmonitored and unnoticed. Shadow IT is the term used to described the unsanctioned use of cloud apps, which includes:

Cloud app login failures

File transfers to cloud apps

Abnormal cloud app behaviors and anomalies

Let’s take a peek at what these would look like in the real world:

A group of men has gathered in your lobby. They sound like Ivan Drago from “Rocky.” One of them asks you if you’d like to come to a party with them later and they hand you a personal invitation. The envelope is thick and the card is well designed. You look back up and they are gone. Weird.

Jackie the office manager says, “Good morning.” Behind her, you see Jack Harris, who was fired a few weeks ago because he wouldn’t get his sales act together after several incidents. He’s rummaging through the filing cabinets looking at account folders. Jackie doesn’t seem to mind.

You sit in your chair and wonder, “What the hell is going on?” You put your coffee down on your desk and reach for the keys in your pocket. They are gone. The phone rings. It’s your biggest client. Due to your ongoing relationship, they let you know that Jack Harris reached out to them representing a different company. They reassure you that the account is safe for now, but that they wanted you to know.

You walk back into the office to see if anyone has seen your keys. The robot trying to crack the lock when you walked in is now helping your new hire carry out more folders. Your keys are on Jackie’s desk. She confirmed her invite from you to the party later. “I didn’t send you an invite to any party.” Before she can reply, an auditor from the government walks through the front door for a review. Then, you hear everyone else in the office confirm their invites.